12 matches found
EUVD-2024-41901
Malicious code in bioql PyPI...
CVE-2025-10809 Campcodes Online Learning Management System department.php sql injection
A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the argument d leads to sql injection. The attack can be executed remotely. The exploit has been...
Tenda AC10 Buffer Overflow Vulnerability
Tenda AC10 is a dual-band Gigabit wireless router launched by Shenzhen Jixiang Tenda Technology Co., Ltd, which is mainly for 200M and above fiber optic users, supports Wi-Fi 5 technology standard, and provides dual-band concurrent transmission. The Tenda AC10 suffers from a buffer overflow...
CVE-2024-50828
A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...
CVE-2024-50838
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters...
PT-2024-34436 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was discovered in the /admin/department.php file. This allows remote attackers to execute arbitrary scripts via the d and pi...
CVE-2024-46592
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt5g%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2024-5859
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘d’ parameter in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress plugin Online Booking & Scheduling Calendar for WordPress by vcita Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
CVE-2021-24924
The Email Log WordPress plugin before 2.4.8 does not escape the d parameter before outputting it back in an attribute in the Log page, leading to a Reflected Cross-Site Scripting issue...
CVE-2021-24908
The Check & Log Email WordPress plugin before 1.0.4 does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting...
CVE-2013-3721
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter...